Currently JettyAdminServer starting on "0.0.0.0" IP. "0.0.0.0" means "all IP addresses on the local machine". So, if your webserver machine has two ip addresses, 192.168.1.1(private) and 10.1.2.1(public), and you allow a webserver daemon like apache to listen on 0.0.0.0, it will be reachable at both of those IPs.
This is security issue. webserver should be accessible from only configured IP